Commit Graph

323 Commits (fe48b35cfdaf70e15589288a1b20ba356b43b6d5)

Author SHA1 Message Date
Christian Boltz 6eda18fcde prepare PostfixAdmin 3.0 release
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1861 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Christian Boltz 2a6247a6d9 db_connect(): drop unused variable $succes(s)
One of the variable names had a typo [1], and since those variables are
unused, the best way is to drop them.

[1] reported by tfarina, https://github.com/postfixadmin/postfixadmin/issues/15


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1858 a1433add-5e2c-0410-b055-b7f2511e0802
8 years ago
Christian Boltz 13cdd50d0a Add checks to login.php and cli to ensure database layout is up to date
- add check_db_version() to functions.inc.php
- add $min_db_version (needs to be updated at least before the release)
- call check_db_version in login.php, users/login.php and CLI - they'll
  error out if the database layout is outdated
- change setup.php to use check_db_version()



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1853 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz a00e8a811d functions.inc.php:
- check_domain(): someone had the great idea to allow punicode
  even in TLDs, so we better allow it.
  https://sourceforge.net/p/postfixadmin/feature-requests/93/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1839 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz a0151bd5a1 functions.inc.php:
- pacrypt(): don't stripslashes($pw) because this breaks passwords with
  backslashes. This stripslashes() existed since forever, but probably
  became harmful with all the rewrites in the last years.
  https://sourceforge.net/p/postfixadmin/bugs/349/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1838 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 9335232024 functions.inc.php:
- fix db_quota_text() for postgresql (concat() vs. ||)
  https://sourceforge.net/p/postfixadmin/bugs/370/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1834 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
David Goodwin d3ca74af0d merge github pull request into svn manually - 3e62d3975a - adding configurable smtp helo (CONF["smtp_client"])
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1832 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz b261db86c7 Merge pull request #9 from phyrog/master
Add sqlite backend option (thank you @phyrog for doing this)

(imported from github)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1824 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 129a65b8c5 functions.inc.php:
- gen_show_status(): escape mail addresses in query.
  Fixes https://sourceforge.net/p/postfixadmin/bugs/356/
  (mostly - the edit/delete/... links in list-virtual are double-escaped)
  In theory this could allow SQL injection, in practise the mail address
  regex limits this issue to a DOS (creating a mail address with ' caused
  an invalid query that broke list-virtual)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1809 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 9636fe9de3 3.0 beta3 (= 2.93) release - update $version and changelog
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1799 a1433add-5e2c-0410-b055-b7f2511e0802
9 years ago
Christian Boltz 5307cfe48a functions.inc.php check_domain():
Measure time needed for the nameserver queries, and error_log a warning
if the queries need more than 2 seconds in total.

Inspired by a question from t-ask on IRC, who suffered from a slow
nameserver and had some "fun" to debug it ;-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1790 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 3a72203de4 AliasHandler:
- initStruct(): replace (wrong) 'editable' with '_can_edit' and '_can_delete'
- read_from_db_postprocess(): disable _can_edit and _can_delete for
  default aliases if special_alias_control is off and not superadmin

list.tpl:
- use $item._can_edit instead of $check_alias_owner

list-virtual.php:
- drop $check_alias_owner variable and check_alias_owner() call
  (replaced by the code added in AliasHandler)
- drop unused $sql_domain

functions.inc.php:
- delete no longer used check_alias_owner() function



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1774 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz cc598d0f3f PFAHandler:
- build_select_query(): add support for $search['_'] (searching if one
  of the $this->searchfields contains the search text)
- getList(): make sure '_' is kept in the search parameters

functions.inc.php:
- db_where_clause(): slightly relax checks - if $condition is empty,
  only error out if $additional_raw_where is also empty


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1772 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 5605561ca8 functions.inc.php:
- better formatting in db_quota_text() and db_quota_percent() results
  (for example, infinity sign instead of / 0 for unlimited)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1744 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 13f1a28b6e PFAHandler:
- read_from_db(), getList(): 
  - add $searchmode parameter (_before_ $limit and $offset!) to be able to 
    use query different query modes, not only "="
  - add a warning that $condition will be changed to array only in the future
- getList(): filter $condition for fields that are available to the user
  to avoid information leaks by using search parameters
  (filter is only applied if $condition is an array!)

functions.inc.php: 
- db_where_clause():
  - add $additional_raw_where parameter for additional query parameters
  - add $searchmode parameter to be able to use query different
    query modes, not only "=" (see $allowed_operators)
  - check for allowed operators in $searchmode
  - split query into WHERE and HAVING (if a parameter has
    $struct[select] set, HAVING is used)

list-virtual.php:
- adopt getList() call to the new syntax

AliasHandler:
- adopt getList() definition and call to the new syntax

 


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1731 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 786a7d665e functions.inc.php:
- pacol():
  - add $linkto parameter (if list mode should link to something)
  - replace $not_in_db with $multiopt - the remaining parameters can
    now be specified as associated array (backwards-compatible)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1719 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz 9093a946b4 functions.inc.php:
- add functions db_quota_text() and db_quota_percent() to generate
  queries for used quota ("x/y" and percentage)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1712 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz e8b0198512 2.92 (aka 3.0 beta2) release
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1706 a1433add-5e2c-0410-b055-b7f2511e0802
10 years ago
Christian Boltz d3964f600e functions.inc.php
- db_get_boolean: error_log invalid values


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1672 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 0b116c1605 version 2.91 aka 3.0 beta1
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1670 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 8e04104b20 functions.inc.php:
- db_log():
  - replace $action_list with $LANG["pViewlog_action_$action"]
  - drop unused $table_log variable


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1658 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
David Goodwin b3074644ff alias can contain a ' - as in email.o'connor - need to therefore escape this...
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1639 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz e7fe6e16ef functions.inc.php:
- check_domains(): raise TLD limit to 13 chars - even if I seriously
  doubt someone wants to use such a long TLD ;-)
  ( https://sourceforge.net/p/postfixadmin/bugs/310/ again)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1637 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 9bcc57cd88 functions.inc.php
- check_domain(): update regex for new, longer TLDs like .photography
  https://sourceforge.net/p/postfixadmin/bugs/310/
 


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1635 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 252ae047d5 various files:
- get rid of global $table_* variables, use table_by_key() instead



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1601 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 57f4ad0b75 functions.inc.php pacrypt():
- for 'system' encryption, use full hashed password as salt 
  https://sourceforge.net/p/postfixadmin/bugs/2/


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1595 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 1a35cccf5e list-virtual.php:
- remember domain and page browser offset in $_SESSION
  (fixes 50% of http://sourceforge.net/p/postfixadmin/bugs/298/ )
- various cleanups

functions.inc.php:
- add safesession() (like safeget(), but for $_SESSION)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1593 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz c349420210 functions.inc.php
- db_query(): do not print out the failed query, error_log() it instead
  to avoid information leaks.
- update SF forum URL


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1592 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 20d1ffcafc functions.inc.php:
- new function db_pgsql() to replace lots of
  "if ($CONF[database_type] == 'pgsql')) checks
- delete unused function boolconf()

several files:
- use db_pgsql() instead of checking $CONF[database_type]



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1582 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 2bf5df92ea functions.inc.php, DomainHandler, MailboxHandler:
- move mailbox_postdeletion() to MailboxHandler
- move domain_postcreation() and domain_postdeletion() to
  DomainHandler
- adopt those functions for usage inside the *Handler (replace
  print with $this->errormsg etc.)



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1579 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 6e2e132bac remove "postfixadmin.com" in comments in lots of files
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1558 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz d900835997 functions.inc.php:
- pacrypt(): fix dovecot:* to work with "old" passwords that don't have 
  the {method} prefix


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1554 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz b137e774f6 functions.inc.php:
- check_language(): remove things like ";q=0.8" before checking if 
  a language exists


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1547 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 4d9a338eb2 After hunting an "undefined index transport" error in list-domain, I
found out that the 'Config' class is too static - it shares its static
data with the 'Lang' child class. 

This caused a conflict because we have $CONF[transport] and 
$PALANG[transport], and Config::read('transport') returned the $PALANG 
text.

To fix this, all texts are now stored as $CONF[__LANG].
I also dropped the 'Lang' class.


model/Config.php:
- mark the 'Config' class as final to ensure we don't trap into the 
  "too static" problem again.
- bool(): display and log an error message if a $CONF option does not
  contain YES or NO (that would have uncovered this bug much earlier)
- add lang() and lang_f() wrapper functions to get $PALANG texts
- remove unused $__cache and $__objects

model/Lang.php:
- deleted

common.php:
- store $PALANG as $CONF[__LANG]

lots of files:
- replace Lang::read() and Lang::read_f() calls with Config::lang()
  and Config::lang_f()




git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1536 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz f2c2b554ac model/PFAHandler.php:
- getList: change return value to be always true (even if the database 
  result is an empty array), and die() if the database result is not an 
  array.
  This avoids some if blocks in various files to implement a fallback
  to array() on empty results.

functions.inc.php:
- list_admins(): simplify after the *Handler->getList() change
- get_domain_properties(): change a forgotten $handler->return to 
  $handler->result() (follow-up for r1534)

list-domain, list-virtual.php:
- simplify after the *Handler->getList() change



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1535 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 43f2591d93 functions.inc.php:
- smtp_get_admin_email(), domain_postcreation(), domain_postdeletion(): 
  use Config::read instead of $CONF
- smtp_get_response(): whitespace fixes



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1532 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz f444de402b functions.inc.php:
- pacrypt(), dovecot:* method:
  - allow "." in dovecot method (to allow a suffix like ".b64")
  - blacklist SCRAM-SHA-1 (needs -u)
  - check against list of non-salted methods to be backward compatible
    with dovecot < 2.1 again
  Thanks to Szilagyi Jozsef <szjozsef AT yahoo DOT com> for providing
  the list of non-salted methods etc.

functions.inc.php, scripts/postfixadmin-cli.php:
- drop unused global variables $table_admin and $table_alias_domain



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1529 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 5d4240ce52 functions.inc.php:
- pacrypt: digest-md5 hashes include the username - until someone 
  implements it, let's declare it as unsupported and error out


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1525 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 0d6f9ff99f functions.inc.php:
- pacrypt(): some small changes after Szilagyi Jozsef's patch:
  - comment out unused $crypt_method
  - change $dovecotpw default to "doveadm pw" (unrelated to the patch)
  - set $dovepasstest to "-t $pw_db" instead of having two similar
    command lines, and also shellescapearg() $pw_db
  - use "if (empty($dovepasstest))" instead of "if (empty($pw_db))"



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1524 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 161d387485 - pacrypt(): add support for dovecot *-CRYPT passwords
doveadmin pw now has an option "-t $hash" which allows to verify 
  salted passwords (added in dovecot 2.1 AFAIK)
  Also, the {METHOD} part is no longer removed.

  Patch by Szilagyi Jozsef <szjozsef [at] yahoo.com> - thanks!

  (The schemes which requires also the username -u option is still not supported)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1523 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz c2ccffb76c functions.inc.php:
- mailbox_postdeletion(): use Config::read instead of global $CONF


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1522 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 73a793433e moved the following functions from functions.inc.php to MailboxHandler.php:
- check_quota ()
- allowed_quota()
- mailbox_postcreation()
- mailbox_postedit()
- create_mailbox_subfolders()

The code was moved without any changes, except
- added leading whitespace
- removed "TODO: move to MailboxHandler" ;-)


MailboxHandler:
- change function calls for moved functions


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1515 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz ecc84a1486 functions.inc.php:
check_quota()
  mailbox_postcreation()
  mailbox_postedit()
  create_mailbox_subfolders()
  - use Config::read() / Config::bool() instead of $CONF
  - update comment header
  - some minor changes to make the code better readable



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1514 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago
Christian Boltz 414c05e678 functions.inc.php:
- db_where_clause(): wrap condition in "(...)"


model/PFAHandler.php:
- read_from_db(): wrap condition in "(...)"


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1493 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz a07b822906 functions.inc.php:
- remove unused functions:
  - authentication_is_admin()
  - authentication_is_user()
  - check_string()
  - admin_exist()
  - domain_exist()
- add various TODO notes


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1482 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 79403ad709 functions.inc.php:
- delete unused function get_mailbox_properties()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1481 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 2cbbac134f functions.inc.php:
- replace boolconf() calls with Config::bool()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1474 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 71200c1049 functions.inc.php:
- check_email: mention the invalid mail address in errormessage
  (needs text change)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1470 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz b15319c21a functions.inc.php, model/Config.php:
- move boolconf() to Config::bool()
  boolconf() will stay for backwards compability, but new code
  should use Config::bool()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1467 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 66ab8fb290 functions.inc.php:
- db_log(): allow delete_admin action


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1455 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 9c92eef2ff functions.inc.php:
- remove some unused "global $CONF"
- replace some $CONF usage with Config::read() or boolconf()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1453 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 70978e09a4 functions.inc.php:
- check_domain(), check_email(): 
  use Lang::read and Config::read instead of global variables 
  (global variables, at least $PALANG, don't seem to work with CLI)
- boolconf(): 
  - use Config::read instead of global $CONF
  - drop isset() check - doesn't make sense when using Config::read


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1452 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 871bcbbe2f functions.inc.php:
- check_domain(), check_email(): instead of calling flash_error(),
  return string with error message - or empty string if everything is ok

model/AdminHandler.php, model/AliasHandler.php,
model/DomainHandler.php, model/MailboxHandler.php,
sendmail.php, users/edit-alias.php:
- adopt to changed check_domain() and check_email() return value


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1451 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 68390b0201 functions.inc.php
- allowed_quota: if $CONF[quota] == NO, just return 0 (unlimited)

list-virtual.php:
- only eval_size($limit['maxquota']) if $CONF[quota] == YES
  ($limit['maxquota'] is not set if $CONF[quota] == NO)

Both issues (which caused PHP warnings) were found by TigerP on IRC


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1445 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 74deef8221 functions.inc.php:
- validate_password(): use Config::read and Lang::read instead of 
  $CONF and $PALANG


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1439 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz b4823b9e04 Finally replace create-mailbox.php with edit.php?table=mailbox :-)
configs/menu.conf:
- change url_create_mailbox to edit.php?table=mailbox

templates/list-virtual.tpl:
- replace hardcoded create-mailbox.php with {#url_create_mailbox#}

functions.inc.php:
- delete functions that are now part of MailboxHandler:
  - check_mailbox()
  - multiply_quota()
- add some TODO notes

config.inc.php:
- rewrite a comment that referenced create-mailbox.php

create-mailbox.php:
- delete - no longer needed


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1433 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 8d2e570c03 functions.inc.php:
- _flash_string(): move return outside the foreach so that multiple
  messages can be displayed


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1430 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz 7a7403aa76 functions.inc.php:
- check_quota(): first check if enforcing quotas is disabled via $CONF[quota]


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1413 a1433add-5e2c-0410-b055-b7f2511e0802
12 years ago
Christian Boltz ae61ee180f functions.inc.php:
- check_owner(): with AdminHandler, we can get 2 results (ALL + a domain).
  Relax the check to accept this case.



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1399 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 17911b75d2 functions.inc.php:
- pacrypt(): no longer escape_string() the result. This fixes
  https://sourceforge.net/tracker/index.php?func=detail&aid=3094804&group_id=191583&atid=937964

create-mailbox.php, password.php:
- escape_string() the pacrypt() result

login.php:
- simplify code to require one query less (this also removes the need 
  to escape_string() the password)

I also checked the other files using pacrypt() - they don't need 
escaping or already do it.



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1397 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 57b28f1ae2 config.inc.php:
- remove the (now superfluous) $CONF['postfix_admin_url'] config option

debian/patches/db_credentials:
- remove the section that sets $CONF['postfix_admin_url']

functions.inc.php - authentication_require_role():
- also remove $CONF['postfix_admin_url'] from comments
- remove the './' part from the redirect

Combined with the previous two commits, this fixes
https://sourceforge.net/tracker/?func=detail&aid=3039042&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1396 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 40011a1a98 functions.inc.php:
- authentication_require_role(): no longer use $CONF['postfix_admin_url']
  https://sourceforge.net/tracker/?func=detail&aid=3039042&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1394 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz a6a3483569 Some things are easier than you might think...
functions.inc.php:
- create_page_browser(): Fix count() query for pgsql. Fixes
  https://sourceforge.net/tracker/?func=detail&aid=3292648&group_id=191583&atid=937964
- surprise: the query to actually generate the pagebrowser already works 
  with pgsql :-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1392 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz a211a95c39 functions.inc.php:
- check_email(): don't trim() mail address to avoid that aliases
  starting with a space are allowed. This fixes
  https://sourceforge.net/tracker/?func=detail&aid=3066059&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1390 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 954b18c169 functions.inc.php
- create_page_browser(): revert r1387 and...
- db_query(): ...replace it with the correct fix ;-) (avoid mysqli 
  reconnects)

The problem was that db_query() used is_resource() to check if we
already have a database connection, but a mysqli connection is an
object, not a resource.
This resulted in a new database connection for each query. Therefore
mysqli "forgot" the value of SET @row before executing the following
SELECT query (which used a new mysqli connection).

The fix is to also check with is_object() to avoid mysqli reconnects.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1388 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 182c67e1cd functions.inc.php:
- create_page_browser(): include MOD(idx.row, $page_size) in outer SELECT.
  This is needed on some MySQL setups which otherwise return an empty set.

Thanks to f-dens_ on IRC for helping to debug it.



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1387 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 102cb4ed50 functions.inc.php:
- change list_admins() to use AdminHandler (code from list-admin.php)
  Note: this changes the return value format to include all details, 
  not only the usernames. Use array_keys(list_admins()) if you need
  the previous return format.
 
list-admin.php:
- replace code with a list_admins() call

list-domain.php:
- adopt to new list_admins() return value



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1386 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz b3cdbfe88a functions.inc.php:
- _flash_string(): also accept an array of messages, not only a string
- comment updates for _flash_info() and flash_error() to reflect this change


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1378 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz a9f252baea functions.inc.php:
- delete unused function db_boolean_to_int()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1377 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 3b920fc442 functions.inc.php:
- remove_from_array() was accidently wrapped by 
  if (!function_exists('hex2bin'))


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1369 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 31b94156c4 functions.inc.php:
- delete leftover comment from (long time deleted) function create_admin()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1368 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz b0277b6c03 functions.inc.php
- new function remove_from_array()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1343 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 4e5bd47183 functions.inc.php:
- pacrypt(): escape_string() $salt for mysql_encrypt to be on the safe side


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1332 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 19b9535e43 functions.inc.php:
- PHP around 5.3.8 includes hex2bin as native function - http://php.net/hex2bin
  therefore we have to wrap our function (which fortunately gives the same
  results) with function_exists().
  Reported by MadOtis on #postfixadmin



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1328 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
David Goodwin cb640c87c1 fix sql injection in pacrypt() when mysql_crypt is in use; see previous commits etc esp in the 2.3 branch
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1327 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz e719c6c4dd create-alias.php:
- deleted, obsoleted by edit.php?table=alias

functions.inc.php:
- drop function check_alias() - it was only used by create-alias.php
  (AliasHandler has a similar function create_allowed(), which is a
  copy of check_alias() with superfluous {...} removed)

configs/menu.conf
- replace create-alias.php with edit.php?table=alias
- append "?" to url_create_mailbox to avoid temporary change in menu.tpl
  (create-mailbox is the only one which still needs ? instead of &)

templates/list-virtual.tpl:
- use {#url_create_alias#} instead of hardcoded create-alias.php

templates/menu.tpl:
- $url_domain: url-escape domain, use & instead of ?



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1317 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz ee33647232 setup.php
- add rewritten function create_admin() (now using AdminHandler, 
  which means 25 instead of 80 lines)
- various follow-up changes to match the rewritten function create_admin()

functions.inc.php:
- delete function create_admin() - setup.php was the last file calling it
- honor POSTFIXADMIN_SETUP in authentification_get_username() to avoid
  a redirect to login.php after creating an admin with setup.php and to
  get "SETUP.PHP" for db_log()

model/AdminHandler.php:
- add TODO: implement generate_password


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1301 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz b335abf02e functions.inc.php - db_log():
- allow log actions create_admin and edit_admin
- add edit_admin_state and delete_admin as comment/reminder that they 
  should also be logged

*.lang:
- add text for the new "create admin" and "edit admin" log actions


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1298 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 3baf1a61c9 functions.inc.php:
- db_delete(): allow to specify additional conditions for the WHERE clause


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1285 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 6f9d520262 list-admin.php:
- use AdminHandler
- move displaying the superadmin flag to the template

templates/adminlistadmin.tpl:
- update to the fieldnames provided by AdminHandler (name->username)
- move displaying the superadmin flag to the template

functions.inc.php:
- delete function get_admin_properties() (was only used by list-admin
  and is not needed anymore) -> 48 lines less :-)
- add TODO to list_admins() to use AdminHandler


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1282 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz dd21f03616 functions.inc.php - db_log():
- add log action 'edit_alias_domain'
- update outdated comment to point to $action_list instead of 
  maintaining the list as comment _and_ variable

languages/*.lang
- add $PALANG['pViewlog_action_edit_alias_domain']


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1278 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 410de7229d functions.inc.php - list_domains_for_admin():
- rewrite to work for superadmins also (will list all domains now
  instead of "ALL"), which means we can drop the admin vs. superadmin
  check at various places
- escape_string $username


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1265 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz a4e2e9101b functions.inc.php:
- get_admin_properties(): escape_string $username instead of relying on
  the calling code to pre-escape it


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1264 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz eba59ffd73 functions.inc.php:
- get_domain_properties(): use DomainHandler (function result mostly 
  unchanged, only difference: instead of quota_sum in bytes it now
  returns total_quota in MB)
- allowed_quota(): adopt to slightly changed return value of
  get_domain_properties()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1248 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz a8e626fe7f functions.inc.php:
- pacol(): new parameter $dont_write_to_db - needed to skip JOINt in 
  columns which (of course) aren't available on INSERT or UPDATE

model/DomainHandler.php:
- initStruct(): mark JOINt in columns with the dont_write_to_db flag
- store(): skip columns with the dont_write_to_db flag set (not_in_db
  columns are also/still skipped)

In non-technical terms: create-domain works now :-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1244 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
David Goodwin 3c880aa0c6 if we are going to write out an sql error message we might as well include the full query
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1241 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 7b15c4b47d functions.inc.php:
- pacol(): use Lang::read instead of global $PALANG (which is undefined
  when called from a *Handler class)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1234 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 7f9d947e8f model/DomainHandler.php:
- use a new SELECT query syntax (sub-SELECTs) that gets all needed
  information (including alias count, mailbox count and total quota)
  in one query and is fast as light.
  Better don't ask how long it took me to write this query, and I
  seriously hope it works with postgresql. Otherwise...!
- add alias_count, mailbox_count and total_quota (including the required
  SQL magic) to $struct
- add support for funny[tm] query tricks in $struct:
  - replacement for field name in SELECT statement
  - additional SQL after the FROM xy clause - useful for JOINs
- new function getList($condition) to get a list of domains
- order SELECT results by $this->id_field (needed for getList)
- add comment about the values used in $struct[*][type]

functions.inc.php:
- add two more optional parameters to pacrypt(): $select and $extrafrom

scripts/shells/domain.php:
- display number of existing aliases and mailboxes
- display quota sum



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1230 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 429ef27031 functions.inc.php:
- new function db_where_clause($condition, $struct) to create a WHERE clause.
  bool values are converted with db_get_boolean() based on $struct

model/DomainHandler.php - view():
- build WHERE clause with db_where_clause()
- new array $colformat for columns which need special handling in the field list
  (that's more readable than tons of elseif on the long term, and allows easier
  customization (hook/$CONF value?))



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1228 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 7ed7c67fbe functions.inc.php - smtp_mail():
- error_log() the error message if fsockopen() fails


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1227 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 53d720a569 functions.inc.php:
- db_get_boolean(): allow 0 and 1 as parameters, not only boolean true/false


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1222 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz da21a4cae2 functions.inc.php:
- new function db_boolean_to_int() to convert boolean values from the 
  database to integer (0 or 1)
- db_get_boolean(): error out on unknown $CONF[database_type]


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1208 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz d6d4fb4748 functions.inc.php - create_admin()
- check password with validate_password()
- cleanup the handling of the success message

This fixes 50% of
https://sourceforge.net/tracker/?func=detail&aid=1951979&group_id=191583&atid=937964


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1193 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 69b3df10e4 config.inc.php
- new config option $CONF['password_validation'] - array with regular
  expressions to check if a password is valid/good enough.
  The default configuration enforces:
  - minimum length 5 characters/digits/whatever
  - at least 2 characters
  - at least 2 digits
- removed $CONF['min_password_length'] - it's now handled in /.{5}/ in
  $CONF['password_validation']

functions.inc.php
- new function validate_password to check a given password against
  $CONF['password_validation']
- generate_password: generated password is always 8 chars long
  (instead of $CONF['min_password_length'])

edit-admin.php, users/password.php, edit-mailbox.php, setup.php:
- use validate_password instead of $CONF['min_password_length']

This implements
https://sourceforge.net/tracker/?func=detail&aid=1785513&group_id=191583&atid=937967


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1192 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 9f2a0db106 create_admin() cleanup
functions.inc.php:
- create_admin(): use db_insert instead of INSERT queries
  (this includes automatic escaping of all values)

create-admin.php:
- use safepost instead of isset($_POST[...])
- don't escape_string post values - it's done inside create_admin now
- remove superfluous emptying of empty $tDomains for GET
- allow htmlentities-escaping for pAdminCreate_admin_username_text
- some whitespace / linebreak changes

setup.php:
- load config.inc.php only once (loading it twice will break if custom
  hook functions exist in config.*.php - "can't redefine function ...")
- use safepost instead of isset($_POST[...])
- don't escape_string post values - it's done inside create_admin now
- escape $tUsername with htmlentities() instead of escape_string



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1190 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz bd4889a7c2 functions.inc.php - check_email():
- replace $CONF[vacation_domain] only at the end of the mail address


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1188 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 0403a0a55a functions.inc.php - check_owner():
- escape_string() $username and $domain to prevent SQL injections
- add a TODO


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1171 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 0656852d4e functions.inc.php:
- new function allowed_quota to get the allowed maximum quota for a mailbox.
  Based on a patch by wvolz (wvolz@SF), but with several enhancements/changes.
  https://sourceforge.net/tracker/index.php?func=detail&aid=2856577&group_id=191583&atid=937966
- added a TODO note

edit-mailbox.php:
- get maximum allowed quota via allowed_quota() instead of just using
  the maxquota of the domain


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1156 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz d09ae9e360 model/DomainHandler.php:
- integrate $defaults in $struct to have everything in one place
- integrate field labels, descriptions etc. in $struct
- $struct now has named keys and is filled with the new pacal() helper function
- replaced TODO comments with new ones ;-)

functions.inc.php:
- new function pacol() to fill $struct with an associative array


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1145 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz d660270ef9 functions.inc.php
- changed array item name in comment for create_admin()

This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1106 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 0bc0c29a77 functions.inc.php:
- create_admin():
  - renamed some internal variables
  - removed a variable setting that was always overwritten in the next line
  - disabled setting a var to $PALANG['pAdminCreate_admin_username_text']

This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1103 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 28cce0ca37 config.inc.php
- change default of $CONF['admin_email'] to '' and updated the comment.
  IMPORTANT: If set, this will be used as mail sender for all mails
  (2.3.x used the currently logged admin's username in most cases).
  $CONF['admin_email'] = '' will match the 2.3.x behaviour.

functions.inc.php:
- new function smtp_get_admin_email() to get mail sender address
  ($CONF[admin_email] or currently logged in admin if not set)
- changes compared to Dale's patch: 
  - added @return in comment
  - switched to /** comment style

This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1093 a1433add-5e2c-0410-b055-b7f2511e0802
13 years ago
Christian Boltz 43bde95b57 functions.inc.php - pacrypt():
- if dovecotpw does not give the expected output, read stderr and write
  it to error_log()

This would have made the debugging session I just had with makomi on IRC
about an hour shorter ;-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1071 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 3330e20b81 functions.inc.php - gen_show_status()
- do not leave the while loop with break - this could hide some
  undeliverable alias targets from being flagged if another alias
  target points to a domain in $CONF[show_undeliverable_exceptions]
- do not add a blank $CONF[show_status_text] if 
  $CONF[show_undeliverable] is disabled - it only wastes space ;-)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1069 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz b6cf638b4e functions.inc.php - gen_show_status():
don't show vacation_domain as undeliverable + various code cleanup

- don't show the vacation domain as undeliverable
  In theory this should already have worked already, but $stat_vacdomain
  missed the first letter of the domain ("xample.com" instead of
  "example.com") which broke it.
  Fixed by using $stat_domain, which has the same content anyway.
  This fixes part (2) of
  https://sourceforge.net/tracker/?func=detail&aid=1951926&group_id=191583&atid=937967
- generate the regex for $CONF[recipient_delimiter] at the start of the
  function. Besides saving some CPU cycles, this makes the code more
  readable.
- generate $stat_domain earlier and in a regex-free way
- drop $stat_catchall - it's nothing else than @ + $stat_domain
- use in_array() to check $CONF[show_undeliverable_exceptions] instead
  of a while loop



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1068 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz b323c8d25c functions.inc.php:
- lots of whitespace changes

old:
    foo
    {

new:
	foo {


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1067 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 9a1317edc9 functions.inc.php:
- check_quota(): whitespace changes only


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1066 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 62261f54ae functions.inc.php: fix check_quota() to handle unlimited maxquota
- explicitely check for unlimited maxquota when checking if 
  $quota > $limit[maxquota]. Without this, $quota was always
  considered as being too big (not surprising, everything is >0 ;-)
  This fixes https://sourceforge.net/tracker/?func=detail&aid=3306926&group_id=191583&atid=937964
  (caused by domain quota patch, therefore not affecting 2.3.x)
- replaced setting $rval with return in some cases if the decision is
  final without needing to check domain quota
- added lots of comments to make understanding the function easier



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1065 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz af6a1b6626 Add support for domain-level quota (total quota for a domain)
Based on a patch from W. Rossmann (W. Rossmann@SF),
https://sourceforge.net/tracker/index.php?func=detail&aid=2974928&group_id=191583&atid=937966
with some modifications, cleanup and adoptions to trunk (especially templates)

config.inc.php:
- new config option $CONF['domain_quota'] to enable/disable domain-level
  quota (default: enabled)
- new config option $CONF['domain_quota_default'] (default: 2 GB)

functions.inc.php - check_quota():
- add code to check the quota sum on a domain
- add optional parameter $username (to exclude that username from quota
  calculation, used by edit-mailbox)

edit-domain.php, create-domain.php,
admin_edit-domain.tpl, admin_create-domain.tpl:
- add input field and handling for domain-level quota

list-domain.php, overview-get.tpl, adminlistdomain.tpl:
- display allocated and allowed domain quota
- beautify quota and max_quota fields - display "unlimited" instead of "-1"

edit-mailbox.php:
- hand over username to check_quota()



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1042 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz f503ba1098 functions.inc.php,
- db_delete(): if no row was deleted, return 0 (not true)
  This should not affect any existing code, but makes more sense
  for future usage.
- whitespace changes in db_delete()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1035 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 736074ec12 list-virtual.php: use create_page_browser().
This will speed up pagebrowser creation by about 300 times.

This fixes 
https://sourceforge.net/tracker/?func=detail&aid=2967410&group_id=191583&atid=937964

It also brings back the pagebrowser in search mode and therefore fixes
https://sourceforge.net/tracker/?func=detail&aid=2782818&group_id=191583&atid=937964

Detailed changes:
- create separate query parts for pagebrowser creation
  (without SELECT $fieldlist and LIMIT clause)
- create pagebrowser arrays with create_page_browser()
- cNav_bar class: parameter cleanup in constructor: use count() instead of 
  relying on external counting
- change cNav_bar calls accordingly


functions.inc.php:
- remove pagebrowser generation from get_domain_properties()
  (no longer needed, obsoleted by create_page_browser)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1034 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 799cd9c2f3 functions.inc.php:
- create_page_browser(): added queries for PgSQL (untested!)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1033 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz cfd1be04b2 functions.inc.php:
fully working MySQL version of create_page_browser()

- force $page_size to int and die() if it is < 2
- dropped $item_count parameter - the function now counts itsself
- include last row in the query
- return empty array (= no pagebrowser) if all rows fit in one page
- PgSQL queries are still on my TODO list


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1030 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 63146720d4 functions.inc.php:
- generate_password(): generate more secure random password

Based on a patch from Pierre Fagrell (mrfrenzy@SF),
https://sourceforge.net/tracker/?func=detail&aid=2958698&group_id=191583&atid=937964
(with some modifications)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1026 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 67069e07f8 functions.inc.php:
- new function create_page_browser()

Function to create the page browser index ("a-c, d-h, ...") with light
speed (at least when compared with the current code that can take several
minutes(!) for people with lots of mailboxes or aliases).

At the moment, it only works with MySQL, has several big TODO notes 
(including notices how to implement the PostgreSQL query) and is not
yet actively used.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1022 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz d66262f00e Remove usage of $CONF['postfix_admin_url'] in various Location: headers
to avoid problems with wrong values of $CONF['postfix_admin_url'].

https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3039042&group_id=191583
contains the technical details and reasons.

Note: $CONF['postfix_admin_url'] is still used at some places that are
a bit harder to change.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1021 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Valkum 179f195bf1 *fixed db_insert - duplicate $timestamp
*fixed VacationHandler.php
*changed edit-vacation to us VacationHandler
*added todopoint to upgrade.php
*fixed problem in AliasHandler


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@981 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz c97e5224dc Remove $username parameter from db_log()
functions.inc.php:
- remove $username parameter from function db_log()
  (now auto-detected with authentication_get_username())

various files:
- remove hardcoded username ('CONSOLE', $username etc.) in db_log() calls


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@966 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz ba8fc89347 Preparation for removing the $username parameter from db_log()
(will be detected by authentication_get_username() instead)

scripts/postfixadmin-cli.php:
- define ("POSTFIXADMIN_CLI", 1) (we have no session running and need a
  way to tell authentication_get_username() that this is a CLI access)

functions.inc.php:
- authentication_get_username(): check for POSTFIXADMIN_CLI constant,
  return 'CLI' if set
  (hmmm, do we need a similar thing for XMLRPC?)
- db_log(): override $username parameter with authentication_get_username()
  (removing it from function parameters will be my next big commit)


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@965 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 4a2b40e100 changed db_update parameters for the most common usecase "WHERE col=value" -
column and value are separate parameters now

functions.inc.php:
- changed function db_update() parameters - column name and value for the WHERE
  condition are now two separate parameters. This means we don't need to
  escape_string(), add quotes etc. for most UPDATE queries.
  Example call: db_update('alias', 'address', $this->username, $values_array)
- the previous db_update() is now called db_update_q()

model/UserHandler.php:
- changed db_update call to the new parameters
- removed now unused variables
- renamed $username to $E_username
- call pacrypt directly when setting the $set array, no need for $new_db_password

model/AliasHandler.php
- changed db_update call to the new parameters

edit-mailbox.php
- switched to db_update_q()


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@931 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 93d80797ea functions.inc.php: last commit missed some changes to db_log():
- sorted $action_list to make it more readable
- cleanup


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@910 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 900615a5ec functions.inc.php: various improvements while working on UserHandler.php
- smtp_mail(): added another (currently optional) parameter.
  It can now be called with subject and body, no need to build the mail
  header in every script that needs to send a mail.
- db_delete() did not use table_by_key. Fixed, backport queued for 
  2.3 branch
- db_insert() now has array(created,modified) as default for timestamp 
  columns so that most calls can be done without that parameter
- db_update() now has array(modified) as default for timestamp column
  so that most calls can be done without that parameter
- new functions db_begin / db_commit / db_rollback - BEGIN / COMMIT / 
  ROLLBACK wrapped in a check for $CONF['database_type'] == "pgsql".
  One more step to get rid of database-specific code in all files.
- db_log(): 
  - migrated to db_insert. This should also fix some missing quoting.
  - sorted $action_list to make it more readable
  - backport queued for 2.3 branch for both changes


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@907 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 623d992091 functions.inc.php:
- check_domain(): don't trim() the domain - whitespace is an error.
  This catches "foo@ domain.com" that wasn't catched before.


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@902 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 512c9bfb44 functions.inc.php:
- replaced deprecated split() call with preg_split()
  https://sourceforge.net/tracker/?func=detail&aid=3060495&group_id=191583&atid=937964
- added hint about probably missing php5-* packages in error messages if 
  database functions don't exist



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@892 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz 4c912f1da8 list-virtual.php:
- hand over $search to smarty templates

templates/list-virtual_alias.tpl, templates/list-virtual_alias_domain.tpl:
- add search result highlighting

templates/list-virtual_mailbox.tpl:
- add search result highlighting
- move output of "Mailbox" / "Forward only" outside the foreach loop
  (was displayed once per mailbox alias target)

css/default.css:
- add style for ".searchresult"



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@868 a1433add-5e2c-0410-b055-b7f2511e0802
14 years ago
Christian Boltz c070a61ef2 functions.inc.php
- remove obsolete unlink($tmpfile) that was re-introduced by smarty merge


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@785 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Christian Boltz 3922f6fece after an hour of debugging with Han on #postfixadmin...
functions.inc.php:
- added error message if the check_owner query returns more than one result.
  This can happen with old databases (pre-2.3) where the domain_admins table
  contains "ALL" _and_ a domain for a superadmin - which results in the
  superadmin not able to edit mailboxes etc. for this domain.
  (Error message not translatable - this is a corner case.)

list-virtual.php:
- add "invalid parameter" error message before redirecting to list-domain
  if the user doesn't have permissions for a domain


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@778 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Sebastian b1287d97e2 - big merge of Postfixadmin smarty into trunk
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@757 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Christian Boltz 188aa2bd5c functions.inc.php:
- handle dovecot passwords without any tempfile (to prevent safe_mode issues)
  Changed based on a patch from Aleksandr @SF,
  https://sourceforge.net/tracker/?func=detail&atid=937966&aid=2890471&group_id=191583


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@752 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Christian Boltz 6220b6d85c after a long weekend...
list-virtual.php:
- merge search functionality into list-virtual.php (even more performant
  for domain admins now - search.php checked domain ownership after
  querying all domains...)
  (Use list-virtual.php?search=searchterm to test searching)
- allow to display mailbox alias targets in mailbox list
  Fields added to the mailbox list array:
  * goto_mailbox (mailbox (=1) or forward-only (=0))
  * goto_other (array with aliases not pointing to the mailbox)
  * (vacation alias is skipped)
  open question: is $display_mailbox_aliases = boolconf('special_alias_control')
  correct? I'm slightly confused with alias_control, alias_control_admin
  and special_alias_control...
- build mailbox query step by step instead of having several variants
  which overlap 90% (and include a high bug potential, as already
  demonstrated by me ;-)

templates/list-virtual.php
- added search result highlighting
- added displaying of mailbox aliases (goto_mailbox and goto_other)
- removed ?domain= parameter for edit-alias.php, other edit-*.php have
  to follow (otherwise we'll have to extract the domain from the address
  to avoid incorrect parameters in search mode)

functions.inc.php
- added db_in_clause() which builds a "field in(x, y)" clause for
  database queries



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@751 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Christian Boltz 7c890a49ea postfixadmin 2.3 final(ly) :-)
- updating version number in various places


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@739 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Christian Boltz 04b272472d support for displaying quota (dovecot 1.1 and 1.2 format)
upgrade.php
- create quota and quota2 table (upgrade_729)
- create the triggers required by dovecot (upgrade_730_pgsql)

list-virtual.php
- updated to work with both quota tables
  Patch by Varren Volz, https://sourceforge.net/tracker/?func=detail&amp;aid=2867629&amp;group_id=191583&amp;atid=937966
- changed query for 1.1 quota table to 
      WHERE [...] AND  (  $table_quota.path='quota/storage' OR $table_quota.path IS NULL  )
  This fixes https://sourceforge.net/tracker/?func=detail&aid=2794247&group_id=191583&atid=937964
  (users not shown when initial email is not sent)

config.inc.php, functions.php
- new config option $CONF['new_quota_table'] (YES means dovecot 1.2 format)
- set variables for new quota2 table

DOCUMENTS/DOVECOT.txt
- added note that quota table is automatically created
- added note about different quota tables for dovecot 1.0/1.1 and >= 1.2


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@730 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
David Goodwin 93b4d3e71a functions.inc.php: allow for port specification for PostgreSQL
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@717 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
David Goodwin c4002d5e0b functions.inc.php: fix as per Geoff Shangs report via email
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@710 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
David Goodwin 814539fe50 fix db_get_boolean behaviour - postgres returns "t" or "f" - and also accepts this
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@700 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
David Goodwin d487507e8e functions.inc.php: support base64 encoded sha1 passwords (flavour=SHA); thanks to mez@sourceguru.net
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@698 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
Christian Boltz e46f73fed2 functions.inc.php
- replace ereg (introduced in r693) with preg_match


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@696 a1433add-5e2c-0410-b055-b7f2511e0802
15 years ago
David Goodwin 345de9214c bump up to 2.3rc7
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@694 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin f1fc057f43 fix crypt() usage - see https://sourceforge.net/tracker/?func=detail&aid=2814820&group_id=191583&atid=937964 ; thanks for the patch
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@693 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin 8200ef4788 ready for 2.3rc6
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@689 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin 9af0d53318 functions.inc.php: stupid syntax error; thanks David Verdier
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@686 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin 36ae454ff5 remove ereg stuff
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@683 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin 4f88abb0fd remove pointless ereg stuff
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@680 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin c137191ed7 lets try and get rc5 up and around
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@661 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
Christian Boltz 7480181a18 functions.inc.php:
- gen_show_status(): honor recipient_delimiter in POP/IMAP check


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@657 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
Christian Boltz a9d9e3d96a reverting most changes from SVN r572 aka
https://sourceforge.net/tracker/index.php?func=detail&aid=2567466&group_id=191583&atid=937966
because 
- it undermines the $CONF[*alias_control*] settings more or less - 
  mailbox aliases with non-default targets are always shown in 
  the "Aliases" section - see comment from 2009-05-04 on 
  https://sourceforge.net/tracker/?func=detail&aid=1902476&group_id=191583&atid=937964
- it introduced some "funny" bugs - a nice example is
  http://sourceforge.net/tracker/?func=detail&aid=2786284&group_id=191583&atid=937964

Files / sections affected by the revert:
- list-virtual.php: all numbers (alias count etc.) correct?
  (the changes in this file are the largest ones)
- functions.inc.php: SQL queries in get_domain_properties()
- delete.php: the only change since r572 affected code that was inserted 
  in r572 (and is now deleted again) - nothing should break here
- create-alias.php: had no changes since r572 - therefore nothing should 
  break here

Exceptions (not reverted):
- edit-alias: this change looks useful (hide mailbox alias target from 
  admins if they don't have permissions to change it). The actual code 
  has changed in the meantime, but the functionality stays.
  Additionally, reverting this would be very hard or throw useful later 
  changes away.
  BUT: shouldn't the page completely forbid to edit a mailbox alias if
  the admin doesn't have permissions for it?
- functions.inc.php: comment for pacrypt() ;-)
- linebreaks in long SQL queries

Please check if everything is still working as expected (especially the domain
list and the virtual list) - I did only some quick tests.



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@652 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
Christian Boltz 9102b62a6e functions.inc.php:
- gen_show_status(): add support for recipient_delimiter when checking aliases
  This implements part (8) of 
  https://sourceforge.net/tracker/?func=detail&aid=1951926&group_id=191583&atid=937967

config.inc.php:
- add new setting $CONF['recipient_delimiter']


git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@650 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin bb43fdd088 functions.inc.php: reindent
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@641 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin 08e54eead9 update documentation; get ready for a 2.3rc4 release
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@634 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago
David Goodwin 96985c965f debian/changelog, function.inc.php, CHANGELOG.TXT : 2.3 rc3 is almost here
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@613 a1433add-5e2c-0410-b055-b7f2511e0802
16 years ago